From 5d7967a157aacdb415111ec4bb18f2c101fcfa70 Mon Sep 17 00:00:00 2001
From: nemunaire
Date: Sun, 23 Nov 2014 16:56:30 +0100
Subject: [PATCH] Calculate countdown by reading X-FIC-time giving by the server instead of rely on user system date
---
 Dockerfile | 2 +-
 TODO | 1 -
 front/nginx.conf | 1 +
 htdocs/js/countdown.js | 42 +++++++++++++++++++++++++---------------
 nginx-server-common.conf | 1 +
 5 files changed, 29 insertions(+), 18 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 67eed903..d36a7189 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -61,4 +61,4 @@ RUN chmod 777 /var/www/fic-server/onyx/cache/ /var/www/fic-server/onyx/cache/tem
 EXPOSE 80/tcp 443/tcp
 VOLUME ["/var/www/fic-server/out","/var/www/fic-server/files","/var/www/fic-server/submission","/var/www/fic-server/misc/shared"]
-CMD ["sh", "-c", "chown -R www-data:www-data /var/www/fic-server/misc /var/www/fic-server/submission; cd /var/www/fic-server/misc; if ! [ -f server.crt ]; then bash ./CA.sh -newserver; fi; bash ./CA.sh -gencrl && service nginx start && service php5-fpm start && service mysql start && echo "Copying files..." && ../gen_hash_link_files.sh --copy ../files-in ../files && ../nginx_gen_team.sh > ../misc/shared/nginx-teams.conf && (../launch_local.sh &); /bin/bash"]
+CMD chown -R www-data:www-data /var/www/fic-server/misc /var/www/fic-server/submission; cd /var/www/fic-server/misc; if ! [ -f server.crt ]; then bash ./CA.sh -newserver; fi; bash ./CA.sh -gencrl && service nginx start && service php5-fpm start && service mysql start && echo "Copying files..." && ../gen_hash_link_files.sh --copy ../files-in ../files; ../nginx_gen_team.sh > ../misc/shared/nginx-teams.conf; (../launch_local.sh &); /bin/bash
diff --git a/TODO b/TODO
index 244af6a2..ea697c37 100644
--- a/TODO
+++ b/TODO
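Review bot: In the Dockerfile `CMD`, the separators after `gen_hash_link_files.sh` and `nginx_gen_team.sh` changed from `&&` to `;`, so `nginx_gen_team.sh` and `launch_local.sh` now run even when CRL generation or one of the service starts earlier in the chain has failed, and the container still ends in `/bin/bash` with nothing recording the failure. If running the later steps regardless is intended, a comment above the line should say so, for example `# later steps run on purpose even if the file copy fails`; otherwise keep `&&` between the steps that depend on each other. The change is also unrelated to the X-FIC-time subject of the commit and would be easier to audit on its own.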
@@ -1,6 +1,5 @@
 - Départager les ex-æquo dans le classement
 - Résoudre le problème potentiel de famine de l'ordonnanceur en cas de brute-force d'une équipe
-- Ajouter un header dans nginx avec $msec ou $time_iso8601 et calculer le timer à partir de cette valeur, au lieu de se baser sur l'horloge de l'utilisateur
 - Quand est généré la CRL ?
 - Ajouter dans la conf de nginx un ssl_dhparam + générer le fichier dans un script
 - Mettre à jour Smarty (et passer en « secure mode » ?)
diff --git a/front/nginx.conf b/front/nginx.conf
index 2760600e..762d79d0 100644
--- a/front/nginx.conf
+++ b/front/nginx.conf
@@ -31,6 +31,7 @@ server {
 add_header Strict-Transport-Security "max-age=2592000; includeSubdomains";
 add_header X-Frame-Options DENY;
 add_header X-Content-Type-Options nosniff;
+ add_header X-FIC-time $msec;
 error_page 400 /errors/400/index.html;
 error_page 403 /errors/403/index.html;
diff --git a/htdocs/js/countdown.js b/htdocs/js/countdown.js
index fee573f2..04caff20 100644
--- a/htdocs/js/countdown.js
+++ b/htdocs/js/countdown.js
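Review bot: The new `add_header X-FIC-time $msec;` in front/nginx.conf (and the identical line added to nginx-server-common.conf) carries no comment stating the unit, and `$msec` is the current time in seconds with millisecond resolution, not a millisecond count, so whatever reads the header has to scale it. A comment such as `# epoch seconds with ms fraction, read by htdocs/js/countdown.js` would pin that contract next to the directive. `add_header` without the `always` parameter is not applied to error responses, and a response served from a browser or proxy cache would carry the timestamp of the original request, so the client should expect a missing or stale value. The `server` block continues outside the hunk.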
@@ -1,24 +1,34 @@
-function update_end()
+function update_end(server_time, receive_date)
 {
- var left;
- if (typeof end_challenge === 'undefined')
- left = 14400;
- else
- left = (end_challenge - new Date())/1000;
+ var elapsed = new Date() - receive_date;
- if (left < 0) left = 0;
+ var left = 10800;
+ if (typeof end_challenge !== 'undefined')
+ left = (end_challenge - server_time - elapsed)/1000;
- var heure = Math.floor(left / 3600);
- var min = Math.floor((left / 60) % 60);
- var sec = Math.floor(left % 60);
+ if (left < 0) left = 0;
- $("#hours").html(( heure < 10 ? "0" : "" ) + heure);
- $("#min").html(( min < 10 ? "0" : "" ) + min);
- $("#sec").html(( sec < 10 ? "0" : "" ) + sec);
+ var heure = Math.floor(left / 3600);
+ var min = Math.floor((left / 60) % 60);
+ var sec = Math.floor(left % 60);
+
+ $("#hours").html(( heure < 10 ? "0" : "" ) + heure);
+ $("#min").html(( min < 10 ? "0" : "" ) + min);
+ $("#sec").html(( sec < 10 ? "0" : "" ) + sec);
+}
+
+function getHeader(name, def) {
+ for (var j = 0; j < getHttp.length(); j++) {
+ if (getHttp.header(j) == name)
+ return getHttp.data(j);
+ }
+ return def;
 }
 $(document).ready(function() {
- setInterval( function() {
- update_end();
- }, 1000);
+ server_time = new Date(getHeader("X-FIC-time"));
+ receive_date = new Date();
+ setInterval( function() {
+ update_end(server_time, receive_date);
+ }, 1000);
 });
diff --git a/nginx-server-common.conf b/nginx-server-common.conf
index e33e72cf..df7afb55 100644
--- a/nginx-server-common.conf
+++ b/nginx-server-common.conf
@@ -7,6 +7,7 @@
 add_header Strict-Transport-Security "max-age=2592000; includeSubdomains";
 add_header X-Frame-Options DENY;
 add_header X-Content-Type-Options nosniff;
+ add_header X-FIC-time $msec;
 location / {
 if (-f $request_filename) {
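Review bot: In the `$(document).ready` handler of htdocs/js/countdown.js, `new Date(getHeader("X-FIC-time"))` passes the header through as a string; nginx `$msec` is seconds with a fractional part, so the Date constructor would try to parse it as a date string rather than an epoch, and a missing header gives `undefined` because no default is passed. Both cases most likely produce an Invalid Date, which the `left < 0` clamp in `update_end` does not catch, so the counter would render `NaN`. Convert and fall back explicitly: `var t = parseFloat(getHeader("X-FIC-time")); var server_time = isNaN(t) ? new Date() : new Date(t * 1000);`. `server_time` and `receive_date` are also assigned without `var` and become implicit globals, and `getHeader` matches names with a case-sensitive `==` although HTTP header names are case-insensitive. `getHttp` is not defined in this hunk, so how the response headers are obtained cannot be checked here.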